This document serves as a personal Linux reference for bringing servers online and keeping them operational. It records the commands, configurations, and patterns I use in practice to deploy web applications, manage services, and expose systems safely to the internet.
The focus is on what works reliably, not on mastering every subsystem in depth. These notes reflect an application-centric view of Linux: using the operating system as a stable foundation for running software rather than as an end in itself.
General
Reboot
sudo rebootUser
adduser $USER_NAME
usermod -aG sudo $USER_NAMEFirewall
ufw app list
ufw allow OpenSSH
ufw enable -y
ufw statusinstall
An example of installing apps.
apt-get install -y nodejs
apt-get install -y npmServices
Test Nginx configuration
sudo systemctl status {service}
sudo systemctl restart {service}
sudo systemctl enable {service}
sudo systemctl disable {service}
sudo systemctl start {service}
sudo systemctl stop {service}
sudo journalctl -xeu {service}NGINX
Nginx Install
sudo apt install nginx -y
#Weird hack to bypass an issue on ubuntu22
sudo apt-get remove nginx
sudo apt update
sudo apt install nginx
#should show nginx http here:
sudo ufw app listNginx Firewall
sudo ufw allow 'Nginx Full'
sudo ufw enable -y
systemctl status nginxNginx Commands
NGINX is a service so it's commands are the same as the ones listed in the service section with nginx being the service name, however, I have included it's specific commands here, as I believe setting up services is a more advanced step compared to just running NGINX and people looking to use nginx might not be fully aware of services as a general concept yet.
Nginx Report
sudo nginx -tRestart Nginx
sudo systemctl restart nginxStart Nginx
sudo systemctl start nginxStop Nginx
sudo systemctl stop nginxEnable Nginx to start on boot
sudo systemctl enable nginxDisable Nginx from auto-starting
sudo systemctl disable nginxCheck Nginx service status
sudo systemctl status nginxView recent logs
sudo journalctl -u nginx --since "10 minutes ago"Nginx .conf
This is an example of a solid NGINX reverse proxy configuration, commonly used to front application servers.
Features
- It redirects the www. subdomain to the canonical non-www domain. DNS records for both the www and non-www domains must point to the server so NGINX can receive and redirect traffic
- Uses HTTP/2, which improves performance for most modern web applications by multiplexing multiple requests over a single connection, reducing latency for pages with many assets.
- Enables HTTPS by terminating TLS using an SSL certificate. Certificate issuance is handled separately.
- The domain name must be changed to your site's domain name.
- {PORT} must be replaced with the port your web app is listening to.
server {
listen 80;
server_name www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl http2;
server_name www.example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
return 301 https://example.com$request_uri;
}
# Handle non-www traffic
server {
listen 80;
server_name example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl http2;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
location / {
proxy_pass http://localhost:{PORT};
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}Cert
To enable HTTPS, an SSL certificate is required. Certificates can be obtained for free using common tooling. I use the following shell script to quickly provision certificates for new domains.
#!/bin/sh
#get_cert.sh
# Prompt for the domain name
read -p "Enter the domain name for which you want to obtain an SSL certificate: " DOMAIN_NAME
# Run Certbot to obtain the SSL certificate
echo "Attempting to obtain an SSL certificate for $DOMAIN_NAME..."
sudo certbot certonly --nginx -d "$DOMAIN_NAME"
# Check if Certbot was successful
if [ $? -eq 0 ]; then
echo "SSL certificate for $DOMAIN_NAME obtained successfully."
else
echo "An error occurred while trying to obtain the SSL certificate for $DOMAIN_NAME."
fi
Personal Notes
Putty
I use putty primarily for a server console.
- Right click pastes into console
FileZilla
For basic sites i use FileZilla with restart .trigger files
Rsync
I use Rsync for complex update pipelines.

